hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Rename classes for external sanitizers

Browse Source
This commit is contained in:
Owen Mansel-Chan
2025-12-17 10:47:45 +00:00
parent 63329b47d8
commit 81667d741a
5 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/lib/semmle/code/java/security/PathSanitizer.qll
View File

@@ -289,8 +289,8 @@ private Method getSourceMethod(Method m) {
result = m
}
private class DefaultPathInjectionSanitizer extends PathInjectionSanitizer {
DefaultPathInjectionSanitizer() { barrierNode(this, "path-injection") }
private class ExternalPathInjectionSanitizer extends PathInjectionSanitizer {
ExternalPathInjectionSanitizer() { barrierNode(this, "path-injection") }
}
/** Holds if `g` is a guard that checks for `..` components. */

4
java/ql/lib/semmle/code/java/security/RequestForgery.qll
View File

@@ -118,8 +118,8 @@ private class ContainsUrlSanitizer extends RequestForgerySanitizer {
}
}
private class DefaultRequestForgerySanitizer extends RequestForgerySanitizer {
DefaultRequestForgerySanitizer() { barrierNode(this, "request-forgery") }
private class ExternalRequestForgerySanitizer extends RequestForgerySanitizer {
ExternalRequestForgerySanitizer() { barrierNode(this, "request-forgery") }
}
/**

4
java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
View File

@@ -27,8 +27,8 @@ class TrustBoundaryViolationSink extends DataFlow::Node {
*/
abstract class TrustBoundaryValidationSanitizer extends DataFlow::Node { }
private class DefaultTrustBoundaryValidationSanitizer extends TrustBoundaryValidationSanitizer {
DefaultTrustBoundaryValidationSanitizer() { barrierNode(this, "trust-boundary-violation") }
private class ExternalTrustBoundaryValidationSanitizer extends TrustBoundaryValidationSanitizer {
ExternalTrustBoundaryValidationSanitizer() { barrierNode(this, "trust-boundary-violation") }
}
/**

4
java/ql/lib/semmle/code/java/security/XSS.qll
View File

@@ -54,8 +54,8 @@ private class DefaultXssSink extends XssSink {
}
}
private class DefaultXssSanitizer extends XssSanitizer {
DefaultXssSanitizer() { barrierNode(this, ["html-injection", "js-injection"]) }
private class ExternalXssSanitizer extends XssSanitizer {
ExternalXssSanitizer() { barrierNode(this, ["html-injection", "js-injection"]) }
}
/** A sanitizer that considers numeric and boolean typed data safe for writing to output. */

4
java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll
View File

@@ -21,8 +21,8 @@ private class DefaultRegexInjectionSink extends RegexInjectionSink {
}
}
private class DefaultRegexInjectionSanitizer extends RegexInjectionSanitizer {
DefaultRegexInjectionSanitizer() { barrierNode(this, "regex-use") }
private class ExternalRegexInjectionSanitizer extends RegexInjectionSanitizer {
ExternalRegexInjectionSanitizer() { barrierNode(this, "regex-use") }
}
/**